Signature Detail
Short Name |
SMB:SAMBA-UNICODE-FLAGS2-DOS |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
SMB |
Keywords |
Samba smbd Flags2 Header Parsing Denial of Service |
Release Date |
2010/10/07 |
Update Number |
1787 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMB: Samba smbd Flags2 Header Parsing Denial of Service
This signature detects attempts to exploit a known null pointer dereference vulnerability in Samba smbd. It is due to a design error while handling crafted Flags2 header values. If the flag for Unicode strings is changed in the Flags2 value, the vulnerable code does not properly handle such a case. An unauthenticated attacker could exploit this by sending crafted initialization requests to the target server.
Extended Description
Samba is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to crash the application, denying service to legitimate users. Versions prior to Samba 3.4.8 and 3.5.2 are vulnerable.
Affected Products
- Gentoo Linux
- Mandriva Linux Mandrake 2010.0
- Mandriva Linux Mandrake 2010.0 X86 64
- Pardus Linux 2009
- Samba 3.4.1
- Samba 3.4.2
- Samba 3.4.5
- Samba 3.4.6
- Samba 3.4.7
- Samba 3.5
- Samba 3.5.1
References
- BugTraq: 40097
- CVE: CVE-2010-1635
- CVE: CVE-2010-1642
- URL: http://samba.org/samba/history/samba-3.4.8.html